Today I added a link to the support scam resources page at AVIEN: this one is by me for ESET, on the way support scams are gradually moving away from simple-minded cold-calling to fake-AV-like pop-ups, intended to trick victims into making the initial telephone contact.
I figured it was also worth flagging here since the scams are aimed not only at Windows users but at users of OS X and iOS, Android, and even (rather ineptly) Linux. How many Linux users believe their system uses an NT Kernel or the Windows Firewall?
(And no, Wine doesn’t have a bearing on this either: it implements the App Binary Interface in userspace, not in a kernel module.)
Here’s the direct link to the ESET article: Tech Support Scams: Top of the Pop-Ups, which has a few more screenshots, much more information, and some undiluted sarcasm. Sorry, support scammers just bring out the worst in me…
And for those who believe that nothing bad could ever happen to anyone who uses an Apple device, here are a few screenshots to show the sort of thing we’re seeing.
iOS Pop-up: fake system crash
Crude, but could be ineffective. For comparison, is a typical Windows fake Blue Screen of Death (BSOD) screenshot.
And here’s a Mac version.
OS X fake system crash
Moving away from the fake system crash approach to scamming, here’s a pop-up that claims Safari has detected something malicious. I’ve seen these on OS X and iOS, but using other browsers and platforms too. And, of course they also masquerade as anti-virus alerts from the likes of McAfee, Symantic/Norton, even AVG and MSE.
Fake Safari alert
And here’s an example of the sort of thing we’re seeing on Android, so that Chris DiBona won’t feel left out.
I guess, though, that given the recent fuss over XcodeGhost and YiSpector the number of people who believe in Apple’s immunity to malevolent software may have dropped slightly.
Hat tip to Steve Burn and Jerome Segura for their excellent work on support scam evolution.